Elastic APM Server: Log Leak from ElasticSearch Error Response
CVE-2024-23448 Published on February 7, 2024
An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this could lead to the insertion of sensitive or private information in the APM Server logs.
Vulnerability Analysis
Weakness Type
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Products Associated with CVE-2024-23448
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-23448 are published in Elastic Apm Server:
Affected Versions
Elastic APM Server:- Version 8.12 and below 8.12.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.